> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of David Wright
> Sent: Wednesday, May 01, 2002 1:50 PM
> > HPC nor HPS ever appears on the wire, so where did the attacker get it?
> > He can't calculate it unless he knows the password.
>
> He got it off the server's password file. This is the whole point of
> storing hased passwords! Even if someone can read your password file (e.g.
> /etc/passwd or /etc/shadow in unix), he can't use that knowledge to log
> into your servers.
>
> Scorce for defense in depth -- Microsoft: 0, Unix: 1.
Theoretically, yes. But there are such things as the Crypt-Breaker's
Workbench and UFC-Crypt that make it feasible to brute-force attack the Unix
hash. This is the whole reason the password was moved from the world
readable /etc/passwd to the protected /etc/shadow, because the hash actually
does need to be protected.
Not trying to denigrate Unix in favor of Microsoft, just pointing out that
both systems have their weaknesses. Of course, Microsoft's is a weakness in
fundamental design; the Unix password weakness is a matter of progress and
CPU power overcoming the basic encryption algorithm, not necessarily a
design flaw.
I personally think Bellcore S/Key is the right idea, but that's another
story. I think this thread has outlived its usefulness.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.comhttp://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support